1
我试图用Naxsi,以确保我的Nginx服务器,但是当我试图重新启动Nginx的我得到这个错误:为什么Nginx在包含Naxsi规则时返回错误?
Restarting nginx: nginx: [emerg] "LearningMode" directive is not allowed here in /etc/nginx/naxsi.rules:4
nginx: configuration file /etc/nginx/nginx.conf test failed
这里是我的nginx.conf文件
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_types text/plain
text/css
application/json
application/x-javascript
text/xml
application/xml
application/xml+rss
text/javascript;
include /etc/nginx/naxsi_core.rules;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
naxsi_core.rules是文件默认naxsi的规则。 conf.d所以没有icluded规则和内部sites-enabled是我的默认服务器的conf文件是空的:
server {
listen 8090;
server_name example.com;
root /home/test/unicorn/public;
include /etc/nginx/naxsi.rules;
}
在这里,我包括naxsi.rules这是默认的规则naxsi文件:
LearningMode;
SecRulesEnabled;
#SecRulesDisabled;
DeniedUrl "/RequestDenied";
## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
这是正确的。错误的块。 – 2016-04-06 15:32:30